Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/gycocjfY8iCPK3Vsp_UNnH1vJjU.roa
File: gycocjfY8iCPK3Vsp_UNnH1vJjU.roa (raw, json)
Hash identifier: cTQJcEptCCbh4Ac21NiTtBjtXQN+NE1LVb9nQOznT5M=
Subject key identifier: 83:27:28:72:37:D8:F2:20:8F:2B:75:6C:A7:F5:0D:9C:7D:6F:26:35
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802DE2C45CCEF194C0202377B71754E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/gycocjfY8iCPK3Vsp_UNnH1vJjU.roa
Signing time: Tue 02 Jan 2024 02:31:20 +0000
ROA not before: Tue 02 Jan 2024 02:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12552
IP address blocks: 193.181.71.0/24 maxlen: 24
192.71.200.0/24 maxlen: 24
194.103.248.0/24 maxlen: 24
193.182.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:de:2c:45:cc:ef:19:4c:02:02:37:7b:71:75:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8327287237d8f2208f2b756ca7f50d9c7d6f2635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7f:fa:96:ff:35:ac:51:a3:11:12:38:cc:fe:
7a:84:a5:a0:9c:6a:a8:1e:4a:a9:f5:ff:71:19:e0:
be:9a:50:bb:d6:c7:a5:c5:63:e3:e4:7c:6a:33:df:
0f:e4:ed:8c:8a:20:29:0c:e2:87:ec:78:5a:d6:21:
2f:e0:5c:cc:50:3a:c0:92:f2:1c:69:10:9a:86:01:
29:14:a7:d7:6e:7d:a3:83:ab:32:46:2f:50:ca:93:
76:33:8a:b5:c6:27:eb:51:91:74:34:bd:24:74:f4:
1d:a0:bc:f1:a9:7f:44:6c:18:27:ac:f7:48:21:09:
76:d1:63:ca:bc:5f:9c:12:a3:28:45:60:9a:00:e7:
3b:3f:4e:6d:ac:58:94:6e:d2:d8:37:53:dc:12:30:
34:c5:34:30:dd:0a:45:32:dc:99:69:36:38:5d:b8:
34:2b:19:2a:26:32:30:d8:f1:84:6f:a5:49:f0:3a:
45:78:e6:06:93:91:ad:61:77:41:aa:80:09:98:9f:
a2:0b:9b:53:9e:0a:70:26:43:9b:d1:9c:7f:fd:20:
5f:ad:11:b6:e4:14:3e:79:44:13:92:f1:78:fc:4a:
2b:19:89:7a:d7:88:85:98:8d:88:f7:4f:2d:9f:ae:
f9:f0:f4:bb:f6:aa:a2:cc:e4:52:3c:38:86:f3:55:
d3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:27:28:72:37:D8:F2:20:8F:2B:75:6C:A7:F5:0D:9C:7D:6F:26:35
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/gycocjfY8iCPK3Vsp_UNnH1vJjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.200.0/24
193.181.71.0/24
193.182.6.0/24
194.103.248.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:10:98:68:1e:6e:1f:60:ac:88:66:7e:c6:85:92:be:d5:b0:
9f:70:6e:56:aa:3d:93:1a:5d:ce:e7:34:29:67:4c:1e:05:79:
10:db:f6:95:e6:3f:bc:d0:f7:24:67:a5:2d:76:6c:bb:a1:ef:
55:5e:9f:06:78:54:82:eb:1d:28:70:43:e9:b8:cd:1f:e0:4b:
7e:ba:ff:1d:b0:8d:3c:2d:cc:7b:b7:66:39:34:4d:d7:b8:15:
c4:0c:f4:8b:8b:c0:56:ff:a9:67:cd:8a:34:39:f6:e4:4e:61:
9e:42:29:da:a8:04:78:91:57:b7:60:3f:20:89:73:b1:e5:44:
1c:01:c5:1d:23:02:49:f3:d0:8f:6c:e8:7f:46:e8:8f:a9:c5:
7c:ea:8d:08:c1:ec:3a:b6:6a:48:bc:56:f0:e0:dc:d9:fd:6e:
f2:ee:24:a5:b3:75:43:9f:4a:20:b3:32:36:70:5c:88:65:39:
19:50:6d:6d:3e:79:b5:e1:94:aa:65:01:2e:8a:20:08:9f:a3:
75:b6:2d:5e:09:b3:b5:b1:95:ed:9e:ae:c1:65:56:e8:79:47:
d2:4e:ce:44:30:c2:29:52:54:73:18:09:be:32:3d:e8:1f:7e:
74:99:40:b1:33:57:83:81:b6:2f:f4:be:59:1e:f2:19:01:ed:
1b:60:4c:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAt4sRczvGUwCAjd7cXVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzI3Mjg3MjM3ZDhmMjIwOGYyYjc1NmNhN2Y1MGQ5YzdkNmYyNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX/6lv81rFGjERI4zP56hKWgnGqo
Hkqp9f9xGeC+mlC71selxWPj5HxqM98P5O2MiiApDOKH7Hha1iEv4FzMUDrAkvIc
aRCahgEpFKfXbn2jg6syRi9QypN2M4q1xifrUZF0NL0kdPQdoLzxqX9EbBgnrPdI
IQl20WPKvF+cEqMoRWCaAOc7P05trFiUbtLYN1PcEjA0xTQw3QpFMtyZaTY4Xbg0
KxkqJjIw2PGEb6VJ8DpFeOYGk5GtYXdBqoAJmJ+iC5tTngpwJkOb0Zx//SBfrRG2
5BQ+eUQTkvF4/EorGYl614iFmI2I908tn6758PS79qqizORSPDiG81XTLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIMnKHI32PIgjyt1bKf1DZx9byY1MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZ3ljb2NqZlk4aUNQSzNWc3BfVU5uSDF2SmpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwEfIAwQA
wbVHAwQAwbYGAwQAwmf4MA0GCSqGSIb3DQEBCwUAA4IBAQC8EJhoHm4fYKyIZn7G
hZK+1bCfcG5Wqj2TGl3O5zQpZ0weBXkQ2/aV5j+80PckZ6Utdmy7oe9VXp8GeFSC
6x0ocEPpuM0f4Et+uv8dsI08Lcx7t2Y5NE3XuBXEDPSLi8BW/6lnzYo0OfbkTmGe
QinaqAR4kVe3YD8giXOx5UQcAcUdIwJJ89CPbOh/RuiPqcV86o0Iwew6tmpIvFbw
4NzZ/W7y7iSls3VDn0ogszI2cFyIZTkZUG1tPnm14ZSqZQEuiiAIn6N1ti1eCbO1
sZXtnq7BZVboeUfSTs5EMMIpUlRzGAm+Mj3oH350mUCxM1eDgbYv9L5ZHvIZAe0b
YExJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:52 2025 by rpki-client